[Wimse] Re: Runtime costs of multiple signatures?
"Dean H. Saxe" <dean@thesax.es> Fri, 26 July 2024 13:53 UTC
Return-Path: <dean@thesax.es>
X-Original-To: wimse@ietfa.amsl.com
Delivered-To: wimse@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8CB6AC1E0D9C for <wimse@ietfa.amsl.com>; Fri, 26 Jul 2024 06:53:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.904
X-Spam-Level:
X-Spam-Status: No, score=-1.904 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=thesax-es.20230601.gappssmtp.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A_2SI_llP8at for <wimse@ietfa.amsl.com>; Fri, 26 Jul 2024 06:53:23 -0700 (PDT)
Received: from mail-pl1-x629.google.com (mail-pl1-x629.google.com [IPv6:2607:f8b0:4864:20::629]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C1FFDC1E6409 for <wimse@ietf.org>; Fri, 26 Jul 2024 06:53:23 -0700 (PDT)
Received: by mail-pl1-x629.google.com with SMTP id d9443c01a7336-1fd66cddd4dso6511635ad.2 for <wimse@ietf.org>; Fri, 26 Jul 2024 06:53:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thesax-es.20230601.gappssmtp.com; s=20230601; t=1722002003; x=1722606803; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=YOX3ui/4Zo0x5gTPEHceN1LRfrNZBtf/KZjcrdWpxhI=; b=idhVXU92HVdJrm/TBkjSr9o01vCwEp/DTbzHaKu9dgp5zbjtpGwp2uf1i2AYEMi4On OpgUPl4LVph/i8bbWXuhUrWBCIMlKF3fdbWtusYOaOtWmp1OYCqv0I6EBL9jkxydYULo nUsTLjJDHQGWmnaeUqjv6TJwDTjKPbYSh+tSdl0/iINA/64d5pjgBaVuNnlP4icAVV8s y00QU37QhWzBs7JpSsAh3OrrShu51e4q1IS+WzBsxYnOPfZ+441nTOf37dJUfVkTYsor TXck+fwVj91d2pgH0bMmI8vHQBrd4pXfbvoiBf7lOD/swno2aIq57NjZ3aUvDL5p9cyb 9rIQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722002003; x=1722606803; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=YOX3ui/4Zo0x5gTPEHceN1LRfrNZBtf/KZjcrdWpxhI=; b=CPhHWb7tXagz0BgjyGM8PpO+hohhmpOW4zsdzpolubjJVWdXe8RpcRuCMJTkKAJPMC gc6T1VWDPcIJcox4sa0wqB344MOW7KBuk7PuRRcAm+P7aYFTVqfz7Pe0RwBG5WFMGb4v rPv+Awe3bAPy+M1ohu8+lcl43zbisAgawWm3XnZI7UODbjWfUxdJPzEbpeVHahcTR0jf l/FA4601HjEVR3hjKKEZ6nxD1Xs9Fo0LYrf7Nv5YIm04jLklM0f+CTZoVPb35pE3QICa Ro0q+PBjrcMAbp8BXrGo4fHHpcvZl20HsewemfTJwRphW2RK8M3S6U6XeqerolE1xwjW AnsQ==
X-Gm-Message-State: AOJu0YyR0dSlkuKAvhYiPMn/xlgV59L5jAiu6dL4k+alHa1jBnEGpX8s 0x9IEeSEqRn+nafivD0hwrU3ZMMsNqjgD4p/P3mViiudF6pGkN80NwemRy6w6BEGWIY19QbrHG/ 6R5RT86d/vayGrvqHJDJMLjIpZkW7B4ypzOC1VA==
X-Google-Smtp-Source: AGHT+IG1dgmZNvYmAJE9emcR7QdLHEbPadRvcamVfinFUuPywoNcWBZJ7NV9YvCmzxEg4IIhUr52auaaq+stRZW+l+U=
X-Received: by 2002:a17:902:d481:b0:1fd:8e8b:b2d1 with SMTP id d9443c01a7336-1fed38c2e95mr85887655ad.33.1722002002609; Fri, 26 Jul 2024 06:53:22 -0700 (PDT)
Received: from 1064022179695 named unknown by gmailapi.google.com with HTTPREST; Fri, 26 Jul 2024 13:53:21 +0000
Received: from 1064022179695 named unknown by gmailapi.google.com with HTTPREST; Fri, 26 Jul 2024 13:53:17 +0000
MIME-Version: 1.0 (Mimestream 1.3.6)
References: <9EFDE84B-77A9-4CB8-8E10-96D6305FD42A@amazon.com>, <CACsn0cnNQZFV3xefxCOGXKVhD6LNjSovap-39=r-jd7-r1VG-A@mail.gmail.com> <89478A9C-609B-4A7B-B310-382B9F3565D4@amazon.com>
In-Reply-To: <89478A9C-609B-4A7B-B310-382B9F3565D4@amazon.com>
From: "Dean H. Saxe" <dean@thesax.es>
Date: Fri, 26 Jul 2024 13:53:21 +0000
Message-ID: <CAPzg_DfUHOg7jRArH_GgTp9KEMKkrj446fFxXYZ7kHbv5L8PqQ@mail.gmail.com>
To: "McAdams, Darin" <darinm=40amazon.com@dmarc.ietf.org>
Content-Type: multipart/alternative; boundary="000000000000ab286a061e26d532"
Message-ID-Hash: Y27R2AKQDE3V7JB7DBOUQV3O3XTK5RB3
X-Message-ID-Hash: Y27R2AKQDE3V7JB7DBOUQV3O3XTK5RB3
X-MailFrom: dean@thesax.es
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "wimse@ietf.org" <wimse@ietf.org>, Watson Ladd <watsonbladd@gmail.com>
X-Mailman-Version: 3.3.9rc4
Precedence: list
Subject: [Wimse] Re: Runtime costs of multiple signatures?
List-Id: WIMSE Workload Identity in Multi-Service Environment <wimse.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/wimse/Xom7ER0UcOVX-yviAFCpU6W53rQ>
List-Archive: <https://mailarchive.ietf.org/arch/browse/wimse>
List-Help: <mailto:wimse-request@ietf.org?subject=help>
List-Owner: <mailto:wimse-owner@ietf.org>
List-Post: <mailto:wimse@ietf.org>
List-Subscribe: <mailto:wimse-join@ietf.org>
List-Unsubscribe: <mailto:wimse-leave@ietf.org>
Darin, I see this as a combination of the existing use cases in https://datatracker.ietf.org/doc/draft-rosomakho-wimse-tokentranslation-reqs/? Specifically use cases 1, 2, and 4: token format change, token encoding change, and embedding one token in another. The tokens would still have to be processed at least once to make these transformations in order to reduce the processing overhead down the call stack. Embedding may not be *exactly* what’s required, perhaps there’s an additional use case to consider that enables bundling or combining tokens. I’ll author a PR to add this use case. -dhs -- Dean H. Saxe dean@thesax.es On Jul 25, 2024 at 5:49:44 PM, "McAdams, Darin" <darinm= 40amazon.com@dmarc.ietf.org> wrote: > ECDSA 256 verification is a part of it. There’s also multiple invocations > of a JSON parser to get at contents of the JWTs, and other overhead. > > On Jul 24, 2024, at 3:17 PM, Watson Ladd <watsonbladd@gmail.com> wrote: > > > CAUTION: This email originated from outside of the organization. Do not > click links or open attachments unless you can confirm the sender and know > the content is safe. > > > > > > On Wed, Jul 24, 2024 at 2:35 PM McAdams, Darin > > > <darinm=40amazon.com@dmarc.ietf.org> wrote: > > > > > > I ran the numbers and we’re on the edge of what (I think) is acceptable, > and on a slippery slope. > > > > > > Here’s the stats. Consider 4 tokens that could become common in > workloads: (1) access_token, (2) WIT token, (3) WPT Token, (4) Txn-Token. > Based on the examples in the specs, we’re in the ballpark of ~2K bytes (25% > of typical 8K header space), and approaching a millisecond in processing > time for all the hashing, signature verification, and JSON parsing. And, > that’s the baseline. It would increase further with RAR, or adding richer > context to a Txn-Token, and so on. > > > > > > The reason I say it’s a slippery slope is because I’m observing a > pattern where each WG solves it’s goals by adding 1-2 tokens to a request. > Viewed independently, each decision is logical. Cumulatively, it leads to a > tragedy of the commons in terms of consuming the shared, finite space in > HTTP headers. > > > > > > Workloads are especially sensitive to these details due to the scale at > which they operate. As a result, I would raise the question whether the > working group’s criteria for evaluating solutions should include some > reasonable goals on cumulative token sizes and processing time. This may > lead us to consider more compact representations of tokens, or perhaps > mechanisms to bundle more information under fewer signatures. > > > ECDSA 256 is 53 microseconds to verify on my mac according to openssl > > speed. 4 of them is 212 microseconds. Where is the other 700 > > microseconds coming from to get to a millisecond/can we fix this by > > using more compact formats? > > > Sincerely, > > Watson > > > > > -- > > Astra mortemque praestare gradatim > > -- > Wimse mailing list -- wimse@ietf.org > To unsubscribe send an email to wimse-leave@ietf.org >
- [Wimse] Re: Runtime costs of multiple signatures? Yogi Porla
- [Wimse] Runtime costs of multiple signatures? McAdams, Darin
- [Wimse] Re: Runtime costs of multiple signatures? McAdams, Darin
- [Wimse] Re: Runtime costs of multiple signatures? Watson Ladd
- [Wimse] Re: Runtime costs of multiple signatures? McAdams, Darin
- [Wimse] Re: Runtime costs of multiple signatures? Dean H. Saxe
- [Wimse] Re: Runtime costs of multiple signatures? Justin Richer
- [Wimse] Re: Runtime costs of multiple signatures? Dean H. Saxe
- [Wimse] Re: Runtime costs of multiple signatures? A.J. Stein
- [Wimse] Re: Runtime costs of multiple signatures? Brian Campbell
- [Wimse] Re: Runtime costs of multiple signatures? Dmitry Izumskiy
- [Wimse] Re: Runtime costs of multiple signatures? Yaron Sheffer